This bug is reproducible most simply if you set Seven as your main site theme and then go to example.com/whatever, but it is a more general problem. We should fix it - the shortcut '+' icon looks odd on these pages, and I can't imagine much of a legitimate reason to bookmark a page you can't see (plus, I don't even think it works correctly).

I think I would be more comfortable with this test being a valid test if it also tested a page that *should* have a shortcut (using the same testing sequence), and verified that the shortcut was there.

Here's a new patch with 2 lines added to the test to verify the methodology. Hope that's OK. This exact way of testing that the shortcut link is there is not used elsewhere in the test file, so for me, adding the two lines (plus comment) made the test clearer.

Something like that to be a little bit more clear about the notion of "admin user", i was wondering why this assertion was right according to the fact that you were logged in as "admin" (but actually you're just shortcuts admin).

// The user can not access to this path because he doesn't have "Administer modules" permission. (403 HTTP code returned)

Really do you think that comment in the test needs more description? The test header says

+ /**
+ * Tests that the add shortcut link is not displayed for 404/403 errors.
+ *
+ * Tests that the "Add to shortcuts" link is not displayed on a page not
+ * found or a page the user does not have access to.
+ */

and that line of comment is just meant to say that this is the page the logged-in user doesn't have access to, which is what we are trying to test?

Ok, just a reroll so it applies cleanly with git. I'm ok with the original docblock. I don't really think that such long inline comments aren't needed, especially if we're going to remove this again in D8 - someone needs to explain that to me however :)